<?php

include('includes/basic.php');

$vendorid=$_POST['vid'];
$vendor=$_POST['vname'];
$vendordesc=addslashes($_POST['vdesc']);
$uname=$_POST['uname'];
$pass=md5($_POST['password']);




	$sql="update vendor_master set vendor='$vendor',vendor_desc='$vendordesc',user_name='$uname',password='$pass' where vendor_id=$vendorid";
	$sql_res=mysql_query($sql);


	if(isset($_POST['submit']) && $_FILES['uploadedfile']['size'] > 0)
			{

				$fileName = $_FILES['uploadedfile']['name'];
				$tmpName = $_FILES['uploadedfile']['tmp_name'];
				$fileSize = $_FILES['uploadedfile']['size'];
				$fileType = $_FILES['uploadedfile']['type'];
				
				$fp      = fopen($tmpName, 'r');
				$content = fread($fp, filesize($tmpName));
				$content = addslashes($content);
				fclose($fp);
				
				if(!get_magic_quotes_gpc())
				{
					$fileName = addslashes($fileName);
				}
				$check = mysql_query("select * from vendor_logo where vendor_id=$vendorid");
				if(mysql_num_rows($check)>0)
				{
				$query = "update vendor_logo set name='$fileName', size='$fileSize', type='$fileType', content='$content', uploaded_on=sysdate() where vendor_id=$vendorid";
				}
				else
				{
				$query = "INSERT INTO vendor_logo (vendor_id,name, size, type, content, uploaded_on) VALUES ('$vendorid','$fileName', '$fileSize', '$fileType', '$content', sysdate())";
				}

				mysql_query($query) or die('Error, query failed'); 

				
			}

	
	if($sql_res)
	{
		header("location:view-vendors.php");
	}
?>


